New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
/etc/kubernetes/azure.json: permission denied #729
Comments
@toutougabi could you share the teapot External DNS deployment config? |
|
`apiVersion: rbac.authorization.k8s.io/v1beta1
|
`apiVersion: rbac.authorization.k8s.io/v1beta1
|
apiVersion: extensions/v1beta1 |
@toutougabi have you ssh to that node ,and check |
@andyzhangx This is on AKS right? I don't think we have kms enabled there. Also kms only impacts master nodes, not agent nodes. |
Yes on AKS |
Does your teapot container run as root? AFAIK, the azure.json file is always mounted with You're running the latest external-dns image and I believe this was indeed recently changed: kubernetes-sigs/external-dns#684. If that's the case, you could try configuring the security context back to root with |
Closing this issue as old/stale. If this issue still comes up, please confirm you are running the latest AKS release. If you are on the latest release and the issue can be re-created outside of your specific cluster please open a new github issue. If you are only seeing this behavior on clusters with a unique configuration (such as custom DNS/VNet/etc) please open an Azure technical support ticket. |
What happened:
Since today, our pods cannot access /etc/kubernetes/azure.json.
Worked for the last 50 days but since this morning, our custom External DNS pods crash on start with this error : failed to read Azure config file '/etc/kubernetes/azure.json': open /etc/kubernetes/azure.json: permission denied
What you expected to happen:
Used to work before
How to reproduce it (as minimally and precisely as possible):
Deploy a custom teapot External DNS deployment
Anything else we need to know?:
Environment:
kubectl version
): 1.11The text was updated successfully, but these errors were encountered: